International Journal of Engineering and Technology

Authentication and key management are the key challenges in the cloud environment while exchanging the confidential information. It requires a lightweight key management protocol for communication in the cloud environment. This paper presents a lightweight hybrid key management scheme for improved data security in the cloud computing environment. A Third Party Auditor (TPA) ensures secure data communication between the data owner and cloud service provider using the proposed key management scheme. The hybrid scheme is developed by combining identity-oriented key management and pairwise probabilistic key pre-distribution schemes. The lightweight two-level session key is generated using the Hash Message Authentication Code (HMAC) and Exclusive OR (XOR) operations. It involves two level of session key establishment to reinforce the key against the traffic analysis attack. The Advanced Encryption Standard (AES) key and session key are required to download and decrypt the file. The cloud server schedules the tasks to the Virtual Machines (VMs) by applying the Genetic Algorithm (GA). The experimental analysis shows that the proposed key management scheme requires lower minimum key size, energy consumption, file uploading time, file downloading time and encryption time than the existing schemes